Can NAS be used as cloud storage?

A NAS can act as cloud storage for devices on your local network — it stores files centrally and serves them over the LAN. For off-site access and protection against fire, theft, or hardware failure, you also need an encrypted cloud copy. The 3-2-1 backup rule treats the NAS as the on-premises copy and the cloud as the off-site copy.

Is a NAS better than cloud storage?

A NAS and cloud storage are complementary, not competitors. A NAS gives you fast local access, full control, and no monthly fees. Cloud storage gives you off-site protection, geographic redundancy, and access from anywhere. The 3-2-1 backup rule uses both: three copies of every file, two media types, one off-site. Internxt is the encrypted off-site copy for Synology and QNAP setups.

What are the downsides of NAS?

A NAS is a single point of failure for the data on its drives. Hardware failures, fires, theft, and ransomware that compromises the NAS endpoint can all destroy local copies. A NAS also lacks geographic redundancy: if the building goes down, so does the data. Pairing a NAS with encrypted cloud backup closes both gaps and satisfies the 3-2-1 backup rule.

Does Internxt work with Synology and QNAP?

Yes. Internxt's NAS support runs as a Docker container on Synology DSM 7+ and QNAP QTS 5+. The container exposes a mount that Hyper Backup, Cloud Sync, or HBS3 can target as a backup destination. Files are encrypted on the NAS with Kyber-512 and AES-256 before upload, and the encryption keys never leave your hardware.

How to back up NAS to cloud?

NAS cloud backup runs in three steps: install the Internxt CLI Docker container on Synology DSM 7+ or QNAP QTS 5+, mount a NAS volume to the container, and point Hyper Backup, Cloud Sync, or HBS3 at the mounted destination. Files encrypt on the NAS with Kyber-512 and AES-256 before upload, and incremental snapshots run on the schedule your NAS tool enforces.

Best NAS Cloud Backup Solution (QNAP & Synology)

NAS

QNAP & Synology NAS Support

Connect your NAS device to Internxt Drive for secure file storage and backups.

Synology and QNAP

Secure transfers

Encrypted syncing and backups

Get Internxt

What is a NAS device, and why should I use it?

NAS cloud backup is encrypted cloud storage that takes a copy of your NAS data off-site, so files survive hardware failure, theft, or local disasters. A NAS device is the on-premises copy; the cloud holds the off-site copy. Internxt connects to Synology and QNAP through a Docker container, so backups leave the network already encrypted.

Files are encrypted on the device with Kyber-512 post-quantum cryptography and AES-256, and the keys live only on your hardware. The architecture is open source on GitHub and independently audited. Learn more about private cloud storage at internxt.com/private-cloud-storage-solutions.

Internxt NAS integrations

Internxt's NAS integrations run as a Docker container that pulls our open-source CLI image, registers with your Internxt account, and exposes a mount point inside Synology DSM 7+ or QNAP QTS 5+. From there, Hyper Backup or HBS3 treats the mount as a backup destination. The same workflow your NAS already runs, with ciphertext-only upload to our European data centers. Setup takes about ten minutes and runs unattended once configured.

Synology

Synology NAS cloud backup connects DSM-native tools to Internxt's encrypted cloud. The Internxt CLI runs as a Docker container inside DSM, exposing a mount that Hyper Backup or Cloud Sync can target. Source-side encryption means your Synology volume contents leave the network already wrapped in Kyber-512 and AES-256 ciphertext, so Internxt and our infrastructure partners only ever store the encrypted blocks. Restores stream back through the same container with the encryption keys held on your hardware.

synology nas cloud backup

QNAP

QNAP NAS cloud backup uses the same Docker pattern as Synology, running our CLI image inside QTS as a Container Station service. HBS3 (Hybrid Backup Sync 3) points at the exposed mount and pushes ciphertext to Internxt's European OVHcloud data centers. The container is the only piece that touches plaintext. Once it hands files to the cloud, both Internxt and our infrastructure partners see encrypted blocks only. Versioning is preserved, so a ransomware infection on the QNAP cannot rewrite the cloud copy.

qnap backup

Internxt Drive for NAS

Keep your files safe, accessible, and private

Get Internxt

Backup your NAS in the cloud

NAS cloud backup sends your NAS data to encrypted off-site storage where files survive hardware failure, theft, ransomware, or accidental deletion. Internxt's NAS support runs alongside your existing Synology Hyper Backup or QNAP HBS3 workflow, treating the cloud copy as the off-site arm of the standard 3-2-1 backup rule. Every upload is encrypted on your device with Kyber-512 and AES-256 before it leaves the network, and your encryption keys never leave your hardware. Explore more about cloud storage backup solutions at internxt.com/cloud-storage-backup-solutions.

Data loss protection

Data loss protection means the cloud copy of your NAS data is independent of the local hardware that holds the original. Internxt is the off-site copy in the 3-2-1 backup rule: three copies of every file, on two media types, with one copy held off-site. Hyper Backup on Synology and HBS3 on QNAP push incremental snapshots to our European data centers on the schedule you set. If a drive fails, a fire takes the rack, or ransomware encrypts the array, the encrypted cloud copy is recoverable from any client.

Real-time syncing

Real-time syncing keeps the cloud copy current as files change on the NAS. Backup jobs run on the schedule Hyper Backup or HBS3 enforces, typically hourly for active directories and daily for archives. Files up to 5 TB per object upload over a single TLS 1.3 connection, and incremental syncs transfer only the changed blocks. The Internxt clients on Windows, macOS, Linux, iOS, and Android read the same encrypted copy as the NAS, so a file edited on a laptop appears on the next NAS sync without re-encryption.

Security

Security on Internxt's NAS backup rests on three architectural choices. Files are encrypted on your device with Kyber-512 post-quantum cryptography and AES-256 before upload, so only ciphertext reaches our European OVHcloud data centers. Encryption keys are stored only on your hardware, so Internxt has no access to them and cannot decrypt your files even under legal compulsion. The codebase is open source on GitHub, was independently audited, and runs under ISO 27001:2022 and HIPAA compliance with GDPR governance across all EU data centers.

Ransomware recovery

Ransomware recovery on a NAS depends on whether the attacker can reach the backup copy. Internxt's architecture closes that path. Ransomware that compromises a Synology or QNAP endpoint can encrypt local volumes, but the cloud copy is held under different keys—your on-device encryption keys, not the NAS account's credentials. Internxt also retains versioned snapshots, so a forensic restore can pull the last clean version from before the infection. The attacker only sees ciphertext on our infrastructure and never holds the keys to undo it.

What Internxt offers with NAS devices

Internxt extends a single encrypted account across Synology, QNAP, and every other device your team uses. The same files, the same keys, the same ciphertext-only architecture, accessible from a Docker container on the NAS and from web, desktop, and mobile clients.

QNAP & Synology devices

QNAP and Synology integration runs through the Internxt CLI Docker image. On Synology DSM 7+, the container appears as a Hyper Backup destination. On QNAP QTS 5+, HBS3 treats it as a Hybrid Backup target. Either path encrypts data on-device with Kyber-512 and AES-256 before upload, mounts the cloud as a native filesystem path, and respects the NAS's own scheduling. No proprietary backup format: the cloud copy is a direct ciphertext mirror of the local NAS state.

Access from anywhere

Encrypted remote access reads the same cloud copy from any device with Internxt installed. Web, Windows, macOS, Linux, iOS, and Android clients each decrypt locally with your on-device key. The cloud surface is a single source for the NAS data, the laptop's working files, and the phone's mobile uploads. One ciphertext store, one key custody model, six client shapes. Connections use TLS 1.3, and the EU data center footprint keeps requests inside GDPR jurisdiction by default.

Ransomware protection

Ransomware protection on a NAS backup depends on whether the attacker can rewrite the backup copy. Internxt holds versioned ciphertext, and the encryption keys live on your device, not in the NAS account. An infection that encrypts local DSM or QTS volumes cannot decrypt or destroy the cloud copy, because the attacker doesn't hold the keys. Recovery pulls the last clean version from the version history, restores through the same Docker container that handled the original backup, and writes back to a clean NAS volume.

QNAP & Synology devices

QNAP and Synology integration runs through the Internxt CLI Docker image. On Synology DSM 7+, the container appears as a Hyper Backup destination. On QNAP QTS 5+, HBS3 treats it as a Hybrid Backup target. Either path encrypts data on-device with Kyber-512 and AES-256 before upload, mounts the cloud as a native filesystem path, and respects the NAS's own scheduling. No proprietary backup format: the cloud copy is a direct ciphertext mirror of the local NAS state.

Access from anywhere

Encrypted remote access reads the same cloud copy from any device with Internxt installed. Web, Windows, macOS, Linux, iOS, and Android clients each decrypt locally with your on-device key. The cloud surface is a single source for the NAS data, the laptop's working files, and the phone's mobile uploads. One ciphertext store, one key custody model, six client shapes. Connections use TLS 1.3, and the EU data center footprint keeps requests inside GDPR jurisdiction by default.

Ransomware protection

Ransomware protection on a NAS backup depends on whether the attacker can rewrite the backup copy. Internxt holds versioned ciphertext, and the encryption keys live on your device, not in the NAS account. An infection that encrypts local DSM or QTS volumes cannot decrypt or destroy the cloud copy, because the attacker doesn't hold the keys. Recovery pulls the last clean version from the version history, restores through the same Docker container that handled the original backup, and writes back to a clean NAS volume.

How to set up your NAS device with Internxt

Setting up Internxt on a Synology or QNAP NAS takes three steps: pull the Docker image, configure the container with your Internxt credentials, and point Hyper Backup or HBS3 at the mounted volume. The CLI README, the user guide, and the open-source repository back each step. Discover more about our open-source cloud storage at internxt.com/open-source.

1

ReadMe

The Internxt CLI Docker image lives on GitHub Container Registry. Pull with `docker pull internxt/cli:latest`, run the container with your Internxt API token, and mount `/data` to the NAS volume you want to back up. Synology DSM 7+ exposes this through Container Manager; QNAP QTS 5+ uses Container Station. The README covers the full docker run command, required ports, and volume mounts.

Read guide

2

User guide

On Synology, install Docker (or Container Manager on DSM 7.2+), pull the Internxt image, configure environment variables for your account, and add the mount as a Hyper Backup destination. On QNAP, the flow is the same through Container Station and HBS3. The user guide walks through screen-by-screen setup for each platform with screenshots, retention policies, and recovery workflows.

Learn more

3

Open source

The Internxt CLI repository at github.com/internxt/cli holds every client file the Docker container runs. The same codebase powers the open-source cloud storage product on every platform. The repository carries release notes for each version. Verifying claims about encryption or key handling means reading the actual code, not a marketing PDF.

See details

1

ReadMe

The Internxt CLI Docker image lives on GitHub Container Registry. Pull with `docker pull internxt/cli:latest`, run the container with your Internxt API token, and mount `/data` to the NAS volume you want to back up. Synology DSM 7+ exposes this through Container Manager; QNAP QTS 5+ uses Container Station. The README covers the full docker run command, required ports, and volume mounts.

Read guide

2

User guide

On Synology, install Docker (or Container Manager on DSM 7.2+), pull the Internxt image, configure environment variables for your account, and add the mount as a Hyper Backup destination. On QNAP, the flow is the same through Container Station and HBS3. The user guide walks through screen-by-screen setup for each platform with screenshots, retention policies, and recovery workflows.

Learn more

3

Open source

The Internxt CLI repository at github.com/internxt/cli holds every client file the Docker container runs. The same codebase powers the open-source cloud storage product on every platform. The repository carries release notes for each version. Verifying claims about encryption or key handling means reading the actual code, not a marketing PDF.

See details

Your files, your control

Manage your NAS with Internxt

Get Internxt

Download Internxt

Get seamless file management and secure cloud storage on the go with the Internxt mobile app for iOS or Android.

Newsletter

Want to hear from us when we launch new products or release a new update? Type your mail address and we’ll do the rest!

By subscribing you agree to our privacy policy.